Meet the SiteforLess Cloud Infrastructure

This is Managed WordPress Hosting at it's Best: Robust, Secure, Fast, U.S. Based...

At SiteforLess, we strive toward 100% uptime on all of our managed WordPress services for our clients while offering robust security and protections designed to keep our systems running around the clock.

We host and manage all of our solutions within this environment so that we can offer our clients the best possible performance and security.

Managed DNS and CDN

Maximizing security and throughput at the edge of the Internet

Because we are a full-service managed WordPress solution provider, we handle our client DNS records on their behalf. Our anycast DNS infrastructure is global in scale and designed to maximize throughput closest to where the request originates.

Comprised of over 23 data centers around the world, this robust system helps to protect against DDOS attacks and enhances speed.

This system also serves as a content distribution network. While others charge extra for this service, with SiteforLess it is fully integrated into our offering. Our CDN automatically caches your website and delivers requested content directly to visitors. This reduces requests by 55% and bandwidth by 40%. Should your website ever see a huge spike in legitimate traffic, our infrastructure automatically scales right at the content distribution network to help handle the workload.

Proudly Co-Located At TierPoint

A Leading Data Center Infrastructure Specialist

Our cloud-based hosting environment runs from within a dedicated system co-located with TierPoint, an industry-leading data center specialist with an eye on supporting mission-critical demands. TierPoint’s massive data center footprint offers our environment unprecedented growth capabilities while also supplying potent access to the backbone of the Internet.

Our data centers meet the strictest compliance guidelines and have both physical and environmental security in place to prevent interference with our premises. We also have an access control layer to ensure only approved users are granted access to appropriate systems and resources.

Gigabit Connectivity to Multiple Carriers
Our datacenters all feature multiple gigabits of connectivity to multiple “Tier 1” backbones to handle even the most demanding needs.
We currently connect with Telia, Level 3, Cogent, Suddenlink, and NTT.

A+B Power
With A+B power you have 2 power feeds fed by 2 separate UPSs (battery backup), 2 separate generators, and 2 separate utility feeds. We use the A+B feeds for all equipment — network switches, compute nodes, and storage nodes.

In addition, we ensure the following with our managed WordPress environment:

SiteforLess WatchDog™ 7-Layer Security

The Most Comprehensive Managed WordPress Security System Available Today

SiteforLess WatchDog™ works hard to protect your site from attacks by unauthorized visitors. While no system is impenetrable, we pro-actively work on your behalf to protect your site from malicious behavior and hacking attempts. The SiteforLess WatchDog™ works behind the scenes in a transparent manner. There is zero noticeable impact on page serving speeds.

System Management

The best practice for preventing attacks is to have a managed system where security patches are applied on a regular basis and core platform systems are updated regularly. (These include servers, WordPress, Themes, and Plugins.) Part of our Managed Hosting Solution includes keeping all of these core files up-to-date without your needing to lift a finger.

Data Center Security

All data centers utilized by SiteforLess are required to pass a series of critical audits to ensure compliance with critical regulations including HIPAA/HITECH, GLBA, PCI-DSS v3.2, and ITAR. All Email services are co-located with Rackspace. All other services are co-located with TierPoint.

Firewalls & Security Layers

We use multiple distinct firewalls and security systems at various stages of access to our environment. We offer protection against ICMP, SYN, and UDP flood attacks and basic DOS packet floods. Each security layer is specifically tuned to accomplish specific goals…

The first exists directly at the DNS layer and filters IP addresses with known bad behavior.

The second exists at the environment level and leverages Artificial Intelligence to further diminish attacks.

The third is a front-facing anti-malware system that constantly scans the cloud for potentital threats and eliminates them.

The fourth is an application firewall that stands in front of our WordPress cloud. This scans more than 300 additional attack vectors, including specific attacks designed to target WordPress.

The fifth is within WordPress itself. This monitors behaviors within WordPress itself and protects against internal attacks.

The sixth is designed to protect sites against comment spam from bots and automated systems.

The seventh is designed to protect user accounts.

Anti-Hacking

Most hackers try to break into sites for nothing more than bragging rights. Others seek to do real economic damage. We have identified the major types of hacking attempts and have worked to protect our system as much as possible from such attacks.

SQL Injection1 -These attacks seek to obtain or modify information from databases in a way that the hosting environment doesn’t expect.

Executable File Upload1 -These seek to upload executable files that will then allow an attacker to take control of your site.

Field Truncation1 -An attempt to use whitespace characters to pass information that would otherwise not be permitted.

Brute Force Password Attacks -Hacker’s use automated systems to try and guess passwords. We suppress the error messages such systems rely upon thus complicating the password guessing process. We also lockdown access to the login screen from IP addresses that have had too many failed login attempts in a row. Our system administrators can unblock logins from a restricted IP address with permission from an authorized user.

System Vulnerability Attacks -Hackers share the system vulnerabilities they find with other hackers. As a result, hackers use scanners to seek out identical systems deployed using the same technology in an effort to apply the same hacking techniques across multiple deployed sites that may have identical vulnerabilities. We mask the majority of details about our system and even include some false information as well. This helps to confuse these automated systems.

Design Vulnerability Attacks -Hackers often find ways to break sites by attacking the site’s core design files. We employ a number of security measures to deny access to these files. However, we also use an active scanning system that monitors for any potential corruption and alerts our staff immediately if anything suspicious has been detected.

1 NOTE: System administrators are immediately notified if suspicious activity is detected and geolocation information is recorded for verification if suspicious activity is not from an expected IP address.

SSL Site Encryption

For all sites that are managed by our DNS system, we offer full SSL encrypted sessions for both the front-end of the site as well as back-end editor access.

Databases

To enhance performance and maximize flexibility, our system uses an SSD based data store. We actively monitor database security and use techniques to protect databases from intrusion.

All data submitted via forms is encrypted in real-time at the FIELD level with zero impact on site speed. Even if a hacking attempt was successful and the data was somehow downloaded, the information contained would be useless to hackers.

Traffic Blocking

SiteforLess is specifically designed to serve targeted markets including the U.S., Canada, the U.K., Ireland, Austrailia, and New Zealand. (Currently, we primarily serve the U.S.) We actively filter ALL OTHER traffic from across the globe. If an originating IP address is outside of our target markets, we immediately require additional levels of human verification to access our systems. In addition, the minute we detect inappropriate behavior (such as certain specific login attacks) we suspend access to our cloud from that originating IP.

In addition to overtly blocking traffic from certain countries, we actively participate in a special project that helps to block additional IP addresses associated with malicious behavior. To date there are over 45,000,000 trap addresses participating in this project that monitor for bad behavior:

We protect against spam harvesters -so far about 79,369 have been identified. A harvester is a computer program that surfs the internet looking for email addresses. Harvesting email addresses from the Internet is the primary way spammers build their lists. Harvesters must connect to the Internet through an IP address.

We protect against Dictionary Attackers -so far about 9,967,011 have been identified. In addition to harvesting, spammers also use a technique known as a dictionary attack in order to find new email addresses. A dictionary attack involves making up a number of email addresses, sending mail to them, and seeing what is delivered. Dictionary attackers typically send to common usernames.

We protect against known Comment Spammers -so far about 302,852 have been identified. Comment spammers do not send email spam. Instead, comment spammers post to blogs and forums. These posts typically include links to sites being promoted by the comment spammer. The purpose of these links is both to drive traffic from humans clicking on the links, as well as to increase search engine rankings which are sometimes based on the number of links to a page.

We also protect against “Bad Search Engines” that actually have malicious intentions -about 303,000 have been identified. In addition to denying access to malicious search engines, we also utilize an aggressive set of robots rules that help to filter out questionable search activities performed by lesser known search engines which seem to be associated with content scraping, etc.

Users

Administration: We provide several standard classes of users -from Administrators to Authors to Subscribers -and a few extra in-between. This affords our customers significant flexibility in controlling who has access to what within your site’s infrastructure. In addition, if our standard settings aren’t appropriate for your circumstances -the security settings can be defined even more tightly for each user class.

Passwords: We enforce a password policy requiring passwords to be of a minimum size. In addition, our system analyzes passwords at the moment of creation and provides you with a report on the password’s strength.

SiteforLess

SiteforLess is the realization of Greendays Group’s goal to be “One easy step to online marketing success™” and passion of “Unleashing companies via online marketing™”. Designed for small and mid-sized financial services throughout the United States, SiteforLess offers an awesome, rock-solid website presence. We help you be seen & found with powerful, fully supported & managed enhancements that make our implementation of managed WordPress totally unique. Indeed SiteforLess is “Managed WordPress Made Secure, Quick, Capable, & Affordable!™”